/**
* on-delete-callback
*/
public function ondeleteCb()
{
if (Input::get('act') != 'deleteAll') {
$this->checkUserRole(Input::get('id'));
if ($this->restrictedUser) {
$this->log('Datensatz mit ID ' . Input::get('id') . ' wurde von einem nicht authorisierten Benutzer versucht aus tl_gallery_creator_albums zu loeschen.', __METHOD__, TL_ERROR);
$this->redirect('contao/main.php?do=error');
}
// also delete the child element
$arrDeletedAlbums = GalleryCreatorAlbumsModel::getChildAlbums(Input::get('id'));
$arrDeletedAlbums = array_merge(array(Input::get('id')), $arrDeletedAlbums);
foreach ($arrDeletedAlbums as $idDelAlbum) {
$objAlbumModel = GalleryCreatorAlbumsModel::findByPk($idDelAlbum);
if ($objAlbumModel === null) {
continue;
}
if ($this->User->isAdmin || $objAlb->owner == $this->User->id || true === $GLOBALS['TL_CONFIG']['gc_disable_backend_edit_protection']) {
// remove all pictures from tl_gallery_creator_pictures
$objPicturesModel = GalleryCreatorPicturesModel::findByPid($idDelAlbum);
if ($objPicturesModel !== null) {
while ($objPicturesModel->next()) {
$fileUuid = $objPicturesModel->uuid;
$objPicturesModel->delete();
$objPicture = GalleryCreatorPicturesModel::findByUuid($fileUuid);
if ($objPicture === null) {
$oFile = FilesModel::findByUuid($fileUuid);
if ($oFile !== null) {
$file = new File($oFile->path);
$file->delete();
}
}
}
}
// remove the albums from tl_gallery_creator_albums
// remove the directory from the filesystem
$oFolder = FilesModel::findByUuid($objAlbumModel->assignedDir);
if ($oFolder !== null) {
$folder = new Folder($oFolder->path, true);
if ($folder->isEmpty()) {
$folder->delete();
}
}
$objAlbumModel->delete();
} else {
// do not delete childalbums, which the user does not owns
$this->Database->prepare('UPDATE tl_gallery_creator_albums SET pid=? WHERE id=?')->execute('0', $idDelAlbum);
}
}
}
$this->redirect('contao/main.php?do=gallery_creator');
}
/**
* ondelete-callback
* prevents deleting images by unauthorised users
*/
public function ondeleteCb(\Contao\DC_Table $dc)
{
$objImg = GalleryCreatorPicturesModel::findByPk($dc->id);
$pid = $objImg->pid;
if ($objImg->owner == $this->User->id || $this->User->isAdmin || $GLOBALS['TL_CONFIG']['gc_disable_backend_edit_protection']) {
// Datensatz löschen
$uuid = $objImg->uuid;
$objImg->delete();
//Nur Bilder innerhalb des gallery_creator_albums und wenn sie nicht in einem anderen Datensatz noch Verwendung finden, werden vom Server geloescht
// Prüfen, ob das Bild noch mit einem anderen Datensatz verknüpft ist
$objPictureModel = GalleryCreatorPicturesModel::findByUuid($uuid);
if ($objPictureModel === null) {
// Wenn nein darf gelöscht werden...
$oFile = FilesModel::findByUuid($uuid);
$objAlbum = GalleryCreatorAlbumsModel::findByPk($pid);
$oFolder = FilesModel::findByUuid($objAlbum->assignedDir);
// Bild nur löschen, wenn es im Verzeichnis liegt, das dem Album zugewiesen ist
if ($oFile !== null && strstr($oFile->path, $oFolder->path)) {
// delete file from filesystem
$file = new File($oFile->path, true);
$file->delete();
}
}
} elseif (!$this->User->isAdmin && $objImg->owner != $this->User->id) {
$this->log('Datensatz mit ID ' . $dc->id . ' wurde vom Benutzer mit ID ' . $this->User->id . ' versucht aus tl_gallery_creator_pictures zu loeschen.', __METHOD__, TL_ERROR);
Message::addError('No permission to delete picture with ID ' . $dc->id . '.');
$this->redirect('contao/main.php?do=error');
}
}
